[Pkg-owncloud-maintainers] Bug#699441: [Secure-testing-team] Bug#699441: owncloud: Multiple security issues in owncloud

Salvatore Bonaccorso carnil at debian.org
Thu Jan 31 14:37:02 UTC 2013


Control: merge 698737 699441

Hi John

On Thu, Jan 31, 2013 at 07:25:38AM -0600, John Goerzen wrote:
> Package: owncloud
> Version: 4.0.4debian2-3.2
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> The version of owncloud in both testing and unstable contains security
> holes.
> 
> http://owncloud.org/changelog/ has details.  Upstream versions 4.0.11
> and 4.5.6 fixed:
> 
>  * Security: Fix multiple XSS problems: CVE-2013-0201, CVE-2013-0202, CVE-2013-0203
>  * Security: Removed remoteStorage app because of unfixed security problems.

Yes, owncloud fixing these is in the delayed queue:

See: http://bugs.debian.org/698737

Regards,
Salvatore



More information about the Pkg-owncloud-maintainers mailing list